diff --git a/lib/cifra.c b/lib/cifra.c
index cbe6d6c0e..507014ef2 100644
--- a/lib/cifra.c
+++ b/lib/cifra.c
@@ -23,10 +23,16 @@
 #include "picotls.h"
 #include "picotls/minicrypto.h"
-ptls_cipher_suite_t *ptls_minicrypto_cipher_suites[] = {&ptls_minicrypto_aes256gcmsha384, &ptls_minicrypto_aes128gcmsha256,
- &ptls_minicrypto_chacha20poly1305sha256,
+ptls_cipher_suite_t *ptls_minicrypto_cipher_suites[] = {// ciphers used with sha384 (must be first)
 #ifdef PTLS_HAVE_AEGIS
- &ptls_minicrypto_aegis128lsha256,
 &ptls_minicrypto_aegis256sha384,
 #endif
+ &ptls_minicrypto_aes256gcmsha384,
+
+ // ciphers used with sha256
+#ifdef PTLS_HAVE_AEGIS
+ &ptls_minicrypto_aegis128lsha256,
+#endif
+ &ptls_minicrypto_aes128gcmsha256,
+ &ptls_minicrypto_chacha20poly1305sha256,
 NULL};
diff --git a/lib/cifra/libaegis.c b/lib/cifra/libaegis.c
index 2638e57ed..0b4af9349 100644
--- a/lib/cifra/libaegis.c
+++ b/lib/cifra/libaegis.c
@@ -59,4 +59,4 @@ ptls_aead_algorithm_t ptls_minicrypto_aegis256 = {"AEGIS-256",
 ptls_cipher_suite_t ptls_minicrypto_aegis256sha384 = {.id = PTLS_CIPHER_SUITE_AEGIS256_SHA384,
 .name = PTLS_CIPHER_SUITE_NAME_AEGIS256_SHA384,
 .aead = &ptls_minicrypto_aegis256,
- .hash = &ptls_minicrypto_sha256};
+ .hash = &ptls_minicrypto_sha384};
diff --git a/lib/openssl.c b/lib/openssl.c
index 5b1ed6f02..daf1dbaaf 100644
--- a/lib/openssl.c
+++ b/lib/openssl.c
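Review bot: In lib/cifra.c the new layout puts the AEGIS entries ahead of AES-GCM inside each hash group, where the old array listed them last; if callers use array order as the offered or selected preference (not visible in this hunk), builds with `PTLS_HAVE_AEGIS` would now favour AEGIS over AES-GCM. The comment `(must be first)` also does not say what relies on the sha384 group leading; the only visible consumer is t/openssl.c, which steps a cipher-suite pointer past the leading sha384 entries. I would either keep `&ptls_minicrypto_aes256gcmsha384,` and `&ptls_minicrypto_aes128gcmsha256,` at the head of their groups, or state the intent in the comment, e.g. `// sha384 suites first: tests skip them by advancing this pointer to get a sha256-only list`. The same applies to `ptls_openssl_cipher_suites` in the lib/openssl.c hunk.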
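Review bot: Nothing visible in this commit would have caught `ptls_minicrypto_aegis256sha384` being wired to `ptls_minicrypto_sha256` in lib/cifra/libaegis.c; the only assertions added are in t/openssl.c and cover the OpenSSL context. A suite whose hash disagrees with its code point would run the key schedule with the wrong digest, so the mismatch shows up only when that suite is actually negotiated against a conforming peer, which is easy to miss. A check in the minicrypto tests under the same `PTLS_HAVE_AEGIS` guard, such as `assert(ptls_minicrypto_aegis256sha384.hash->digest_size == 48);`, would pin the pairing.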
@@ -2210,13 +2210,19 @@ ptls_cipher_suite_t ptls_openssl_aegis256sha384 = {.id = PTLS_CIPHER_SUITE_AEGIS
-ptls_cipher_suite_t *ptls_openssl_cipher_suites[] = {&ptls_openssl_aes256gcmsha384, &ptls_openssl_aes128gcmsha256,
-#if PTLS_OPENSSL_HAVE_CHACHA20_POLY1305
- &ptls_openssl_chacha20poly1305sha256,
+ptls_cipher_suite_t *ptls_openssl_cipher_suites[] = {// ciphers used with sha384 (must be first)
+#if PTLS_HAVE_AEGIS
+ &ptls_openssl_aegis256sha384,
 #endif
+ &ptls_openssl_aes256gcmsha384,
+
+ // ciphers used with sha256
 #if PTLS_HAVE_AEGIS
 &ptls_openssl_aegis128lsha256,
- &ptls_openssl_aegis256sha384,
+#endif
+ &ptls_openssl_aes128gcmsha256,
+#if PTLS_OPENSSL_HAVE_CHACHA20_POLY1305
+ &ptls_openssl_chacha20poly1305sha256,
 #endif
 NULL};
diff --git a/t/openssl.c b/t/openssl.c
index 4ca49aa38..4a4f84312 100644
--- a/t/openssl.c
+++ b/t/openssl.c
@@ -562,9 +562,13 @@ int main(int argc, char **argv)
 .server = {.create_opener = &ech_create_opener,
 .retry_configs = {(uint8_t *)ECH_CONFIG_LIST, sizeof(ECH_CONFIG_LIST) - 1}}},
 .sign_certificate = &openssl_sign_certificate.super};
- assert(openssl_ctx.cipher_suites[0]->hash->digest_size == 48); /* sha384 */
+ assert(openssl_ctx.cipher_suites[0]->hash->digest_size == 48); /* aes256, sha384 */
 ptls_context_t openssl_ctx_sha256only = openssl_ctx;
 ++openssl_ctx_sha256only.cipher_suites;
+#ifdef PTLS_HAVE_AEGIS
+ assert(openssl_ctx.cipher_suites[0]->hash->digest_size == 48); /* aegis256, sha384 */
+ ++openssl_ctx_sha256only.cipher_suites;
+#endif
 assert(openssl_ctx_sha256only.cipher_suites[0]->hash->digest_size == 32); /* sha256 */
 ctx = ctx_peer = &openssl_ctx;
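Review bot: In t/openssl.c the assertion added under `#ifdef PTLS_HAVE_AEGIS` re-reads `openssl_ctx.cipher_suites[0]`, the same entry the first assertion already checked, so the second sha384 entry is skipped without being verified. It should inspect the advanced pointer before the second increment: `assert(openssl_ctx_sha256only.cipher_suites[0]->hash->digest_size == 48);`. The guard is `#ifdef` here but `#if PTLS_HAVE_AEGIS` in lib/openssl.c; with the macro defined as 0 the test would skip two entries where the array holds one sha384 suite, assuming `openssl_ctx.cipher_suites` is `ptls_openssl_cipher_suites` (set outside the hunk). The two comments also look swapped, since with AEGIS enabled entry 0 is aegis256 and entry 1 is aes256. `main` begins and ends outside this hunk.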